Lucene search
+L

214 matches found

Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.32 views

RHEL 9 : openvswitch2.17 (RHSA-2023:1769)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1769 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...

8.2CVSS7.7AI score0.01216EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.50 views

RHEL 9 : openvswitch3.1 (RHSA-2023:1770)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1770 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...

8.2CVSS7.7AI score0.01216EPSS
Exploits0References6
Prion
Prion
added 2023/04/10 10:15 p.m.26 views

Design/Logic Flaw

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

6.4CVSS7.7AI score0.01216EPSS
Exploits0References6Affected Software5
UbuntuCve
UbuntuCve
added 2023/04/10 12:0 a.m.35 views

CVE-2023-1668

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

8.2CVSS6.7AI score0.01216EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/04/10 12:0 a.m.98 views

CVE-2023-1668

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

8.2CVSS8AI score0.01216EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:55 p.m.39 views

K21274200: Linux kernel vulnerability CVE-2017-16914

Security Advisory Description The "stubsendretsubmit" function drivers/usb/usbip/stubtx.c in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service NULL pointer dereference via a specially crafted USB over IP packet. CVE-2017-16914 Impact...

7.1CVSS5.9AI score0.04373EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/09 6:58 a.m.8 views

CVE-2022-25734 Loop with Unreachable Exit Condition in MODEM

Denial of service in modem due to missing null check while processing IP packets with padding...

7.5CVSS7.1AI score0.00406EPSS
Exploits0References1
Veracode
Veracode
added 2022/08/21 11:8 a.m.24 views

Buffer Overflow

u-boot is vulnerable to buffer overflow. The vulnerability exists because the hole descriptor overwrite in U-Boot IP Packet Defragmentation which allows an attacker to perform arbitrary out of bound writes...

7.8CVSS7.6AI score0.00554EPSS
Exploits1References3Affected Software1
OpenVAS
OpenVAS
added 2022/06/14 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2022:2058-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.00554EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.26 views

Slackware: Security Advisory (SSA:2009-342-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.03872EPSS
Exploits1References3
CVE
CVE
added 2022/04/15 2:17 p.m.93 views

CVE-2022-20622

CVE-2022-20622 affects Cisco’s Embedded Wireless Controller with Catalyst Access Points Software. The root cause is improper rate limiting of IP packets to the management interface, enabling an unauthenticated, remote attacker to send a high-rate stream to the management interface. This can cause...

8.6CVSS7.7AI score0.01332EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/04/07 12:0 a.m.7 views

PT-2022-2808

Name of the Vulnerable Software and Affected Versions U-Boot version 2022.01 Description The issue is related to a buffer overflow in the CONFIG IP DEFRAG function, which is responsible for IP packet defragmentation in U-Boot bootloaders for Linux-based embedded operating systems. This is caused ...

9.8CVSS7.2AI score0.02612EPSS
Exploits2References61
NVD
NVD
added 2022/03/30 4:15 p.m.19 views

CVE-2021-23850

A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload...

7.2CVSS0.01466EPSS
Exploits0References2
OSV
OSV
added 2022/03/30 4:15 p.m.4 views

CVE-2021-23851

A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload ...

7.2CVSS6.3AI score0.01466EPSS
Exploits0References2
NCSC
NCSC
added 2021/12/27 12:0 a.m.6 views

Vulnerabilities fixed in NetBSD

Vulnerabilities have been fixed in NetBSD's IP stack. Because the randomizer for IP packet ID is not turned on by default, and the randomizer is not random enough when it is enabled, a malicious party can analyze the IP traffic and possibly gain access to sensitive data via a man-in-the-middle...

7.5CVSS6.9AI score0.00964EPSS
Exploits0
NVD
NVD
added 2021/10/27 7:15 p.m.22 views

CVE-2021-40116

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset action...

8.6CVSS0.01346EPSS
Exploits0References1
OSV
OSV
added 2021/10/27 7:15 p.m.4 views

CVE-2021-40116

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset action...

7.5CVSS5.8AI score0.01346EPSS
Exploits0References1
Prion
Prion
added 2021/10/27 7:15 p.m.19 views

Input validation

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset action...

7.1CVSS7.5AI score0.01346EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2021/10/27 6:56 p.m.27 views

CVE-2021-40116 Multiple Cisco Products Snort Rule Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset action...

8.6CVSS8.6AI score0.01346EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/10/27 6:56 p.m.8 views

CVE-2021-40116 Multiple Cisco Products Snort Rule Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset action...

8.6CVSS7AI score0.01346EPSS
Exploits0References1
Rows per page
Query Builder